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Remarks 

Claims 2, 3, 28-30, 32-36, and 44-46 are pending. 

Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the 
fee set forth in 37 CFR 1 .17(e), was filed in this application after final rejection. 
Since this application is eligible for continued examination under 37 CFR 1.114, 
and the fee set forth in 37 CFR 1 .1 7(e) has been timely paid, the finality of the 
previous Office action has been withdrawn pursuant to 37 CFR 1 .1 14. 
Applicant's submission filed on 2/2/2009 has been entered. 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

2. Claim 45 is rejected under 35 U.S.C. 1 1 2, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter 
which applicant regards as the invention. 

Claim 46 refers to performing authentication operations on data, then 
sending the result of the authentication operations to have "encryption 
operations" performed with the remaining payload data. However, claim 45 
attempts to reverse this, stating that encryption operations (in this case, 
comprising decryption) occur before the authentication operations, and that the 
result of the encryption operations are passed to the authentication component. 
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Since the independent claim sets forth a particular order in which "encryption 
operations" (apparently meaning either encryption or decryption) are performed, 
the dependent claims cannot change this order. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

3. Claims 2, 3, 28-30, 33, 35, 36, and 44-46 are rejected under 35 U.S.C. 
1 03(a) as being unpatentable over Kaplan (U.S. Patent 6,704,871 ) in view of 
Larsen (U.S. Patent 7,068,791), Huynh (U.S. Patent 6,983,366), Fumy (Fumy, 
Walter, "Internet Security Protocols", 1998, pp. 186-208, obtained from 
Springerlink). 

Regarding Claim 46, 

Kaplan discloses a method for accelerating cryptographic 
processing of a plurality of data packets according to a network 
security protocol, comprising: 

Receiving, in a chip, data for a first packet from an off-chip 
processor (Column 27, line 55 to Column 29, line 12; Column 39, 
lines 25-42; Column 41, lines 16-51; and Column 43, line 1 to 
Column 44, line 31); 
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Performing authentication operations on data for the first 
packet to generate an authentication code (Column 37, line 41 to 
Column 38, line 62); 

Performing encryption operations on a set of data for the first 
packet, wherein the encryption operations on the set of data for the 
first packet are performed in parallel with the authentication 
operations for the first packet (Column 37, line 41 to Column 38, 
line 62); 

Receiving, in the chip, data for a second packet (Column 27, 
line 55 to Column 29, line 12; Column 37, line 41 to Column 38, line 
62; Column 39, lines 25-42; Column 41, lines 16-51; and Column 
43, line 1 to Column 44, line 31); 

Adding padding to remaining data to be encrypted for the 
first packet to generate a first packet data block having a 
predefined length (Column 37, line 41 to Column 38, line 62; 
Column 39, lines 26-42; Column 41, lines 16-51; and Column 42, 
lines 29-54); 

Performing encryption operations on the first packet data 
block (Column 37, line 41 to Column 38, line 62); 

Performing authentication operations on data for the second 
packet (Column 37, line 41 to Column 38, line 62); and 



Application/Control Number: 09/929,178 Page 5 

Art Unit: 2437 

Passing the cryptographically processed first packet from the 
chip to the off-chip processor (Column 27, line 55 to Column 29, 
line 12; and Column 43, line 1 to Column 44, line 31); 

Wherein the authentication and encryption operations for the 
first packet are performed within the chip in a single pass (Column 
37, line 41 to Column 38, line 62; and Column 41, lines 16-51); 

But does not explicitly disclose that the authentication 
operations are performed on a set of header data and the payload 
data of the packet, combining remaining payload data for the first 
packet with the authentication code for the first packet, that the 
padding is added to the combined remaining payload data and 
authentication code, or that the authentication operations for the 
second packet are performed simultaneously with the encryption 
operations on remaining payload data and authentication code for 
the first packet. 

Larsen, however, discloses that the authentication 
operations are performed on a set of header data and the payload 
data of the packets (Column 7, lines 6-45). It would have been 
obvious to one of ordinary skill in the art at the time of applicant's 
invention to incorporate the secure packet system of Larsen into 
the cryptographic co-processor of Kaplan in order to provide 
multiple authentication codes within each packet, thereby allowing 
the system to determine whether a message came from a proper 
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sender via the header's authentication code, so as to allow for 
adaptive retransmission, even when the payload of the packet was 
received in error (and thus, the packet's authentication code is 
incorrect). 

Huynh, however, discloses that the authentication operations 
for the second packet are performed simultaneously with the 
encryption operations on the remaining data to be encrypted for the 
first packet (Column 2, lines 24-35; Column 6, lines 19-38; and 
Column 8, line 23 to Column 9, line 8). It would have been obvious 
to one of ordinary skill in the art at the time of applicant's invention 
to incorporate the packet processing techniques of Huynh into the 
cryptographic co-processor of Kaplan as modified by Larsen in 
order to allow another packet to be processed as soon as a 
particular resource (encryption or authentication unit) becomes 
available, so the system need not wait until the first packet is 
completely processed before beginning processing of another 
packet, thereby allowing the system to process network security 
protocol data faster and more efficiently. 

Fumy, however, discloses combining remaining payload 
data for a packet with the authentication code for the packet; 
adding padding to the combined remaining payload data and 
authentication code for the packet to generate a packet data block 
having a predefined length; and performing encryption operations 
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on the packet data block (Pages 198-199). It would have been 
obvious to one of ordinary skill in the art at the time of applicant's 
invention to incorporate the network security protocols of Fumy into 
the cryptographic co-processor of Kaplan as modified by Larsen 
and Huynh in order to provide security using secure, highly-used, 
and well-known protocols, and/or to gain cryptographic security 
between two parties and interoperability between differently coded 
programs. 

Regarding Claim 2, 

Kaplan as modified by Larsen, Huynh, and Fumy discloses 
the method of claim 46, in addition, Fumy discloses that the 
network security protocol is SSLv3 (Pages 196-197). 

Regarding Claim 3, 

Kaplan as modified by Larsen, Huynh, and Fumy discloses 
the method of claim 46, in addition, Fumy discloses that the 
network security protocol is TLS (Pages 197-203). 

Regarding Claim 28, 

Kaplan as modified by Larsen, Huynh, and Fumy discloses 
the method of claim 46, in addition, Kaplan discloses aligning the 
received set of header data for the first packet (Column 39, lines 
25-42; Column 43, lines 1-28; and Column 44, lines 35-43). 

Regarding Claim 29, 
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Kaplan as modified by Larsen, Huynh, and Fumy discloses 
the method of claim 28, in addition, Kaplan discloses storing the 
aligned set of header data for the first packet in a FIFO to 
accumulate a predefined amount of data before commencing the 
authentication operations (Column 38, lines 50-57). 

Regarding Claim 30, 

Kaplan as modified by Larsen, Huynh, and Fumy discloses 
the method of claim 29, in addition, Kaplan discloses that the 
predefined amount of data comprises 512 bits (Column 38, lines 
50-57). 

Regarding Claim 33, 

Kaplan as modified by Larsen, Huynh, and Fumy discloses 
the method of claim 46, in addition, Kaplan discloses aligning, for 
encryption operations, the set of data in the payload data for the 
first packet to provide the aligned data for the encryption operations 
(Column 39, lines 26-42). 

Regarding Claim 35, 

Kaplan as modified by Larsen, Huynh, and Fumy discloses 
the method of claim 33, in addition, Kaplan discloses that aligning, 
for encryption operations, comprises adding padding (Column 39, 
lines 26-42). 

Regarding Claim 36, 
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Kaplan as modified by Larsen, Huynh, and Fumy discloses 
the method of claim 33, in addition, Kaplan discloses storing the 
aligned set of data in the payload data for the first packet for the 
encryption operations in a FIFO to accumulate a predefined amount 
of data before commencing the encryption operations (Column 39, 
lines 26-42; and Column 40, lines 43-52). 
Regarding Claim 44, 

Kaplan as modified by Larsen, Huynh, and Fumy discloses 
the method of claim 46, in addition, Kaplan discloses that the 
authentication operations are performed by an authentication 
component of the chip; the encryption operations are performed by 
an encryption component of the chip; and authentication data 
generated by the authentication component is passed to the 
encryption component and aligned by the encryption component 
(Column 38, lines 58-62; Column 39, lines 25-42; Column 40, line 
42 to Column 41, line 15; Column 42, lines 12-29; and Figure 9); 
and Fumy discloses passing authentication data to an encryption 
component (Pages 198-199). 
Regarding Claim 45, 

Kaplan as modified by Larsen, Huynh, and Fumy discloses 
the method of claim 46, in addition, Kaplan discloses that the 
authentication operations are performed by an authentication 
component of the chip; the encryption operations are performed by 
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an encryption component of the chip; and decrypted data 
generated by the encryption component is passed to the 
authentication component and aligned by the authentication 
component (Column 38, lines 58-62; Column 39, lines 25-42; 
Column 40, line 42 to Column 41, line 15; Column 42, lines 12-29; 
and Figure 9). 

4. Claim 32 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Kaplan in view of Larsen, Huynh, and Fumy, further in view of Ganapathy (U.S. 
Patent 6,557,096) 

Kaplan as modified by Larsen, Huynh, and Fumy discloses the 
method of claim 28, in addition, Larsen discloses that the header data for 
the first packet comprises content type and length (Column 7, lines 6-45; 
and Column 9, lines 1-23); but does not explicitly disclose that the data is 
aligned into rows of data where each row of data contains a single type of 
data. 

Ganapathy, however, discloses that the data is aligned into rows of 
data where each row of data contains a single type of data (Column 17, 
lines 38-55; Column 19, line 35 to Column 20, line 25; and Figure 1). It 
would have been obvious to one of ordinary skill in the art at the time of 
applicant's invention to incorporate the data aligner of Ganapathy into the 
cryptographic co-processor of Kaplan as modified by Larsen, Huynh, and 
Fumy in order to properly align and format data before sending it for 
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mathematical (in this case, authentication and encryption/decryption) 
operations, so that the data has any needed sign and guard bits pre- 
pended thereto. 

5. Claim 34 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Kaplan in view of Larsen, Huynh, and Fumy, further in view of Gaytan (U.S. 
Patent 5,638,367). 

Kaplan as modified by Larsen, Huynh, and Fumy does not explicitly 
disclose that aligning comprises removing non-valid data. 

Gaytan, however, discloses that aligning comprises removing non- 
valid data (Column 1 , line 62 to Column 2, line 29). It would have been 
obvious to one of ordinary skill in the art at the time of applicant's invention 
to incorporate the data packing system of Gaytan into the cryptographic 
co-processor of Kaplan as modified by Larsen, Huynh, and Fumy in order 
to gain better throughput and performance by only sending valid data past 
the buffer. 

Conclusion 

Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to JEFFREY D. POPHAM whose telephone 
number is (571)272-7215. The examiner can normally be reached on M-F 9:00- 
5:30. 
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If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Emmanuel Moise can be reached on (571)272-3865. The 
fax phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from 
the Patent Application Information Retrieval (PAIR) system. Status information 
for published applications may be obtained from either Private PAIR or Public 
PAIR. Status information for unpublished applications is available through 
Private PAIR only. For more information about the PAIR system, see http://pair- 
direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll- 
free). If you would like assistance from a USPTO Customer Service 
Representative or access to the automated information system, call 800-786- 
9199 (IN USA OR CANADA) or 571-272-1000. 
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